The Committee on Economic and Monetary Affairs adopted the report by Pedro SILVA PEREIRA (S&D, PT) on the proposal for a regulation of the European Parliament and of the Council establishing a European single access point providing centralised access to publicly available information of relevance to financial services, capital markets and sustainability).
The committee responsible recommended that the European Parliament's position adopted at first reading under the ordinary legislative procedure should amend the proposal as follows:
The European Single Access Point (ESAP)
Members proposed to extend by one year the start date for the new European single access point. Therefore, by 31 December 2025, the European Securities and Markets Authority (ESMA) should establish and operate a European single access point (ESAP) providing centralised electronic access to information made public pursuant to the relevant provisions in the directives and regulations listed in the Annex and pursuant to any further legally binding Union act which provides for centralised electronic access to information through ESAP as well as other information of relevance to financial services provided in the Union or to capital markets of the Union or concerning sustainability and workplace diversity and inclusion that entities wish to make accessible on ESAP on a voluntary basis about their economic activities.
If available, ESAP should provide access to information submitted before 1 January 2025.
Voluntary submission of information for accessibility on ESAP
The report stipulated that from 1 January 2027, any entity may submit to a collection body the abovementioned information to make that information accessible on ESAP upon its establishment. Each Member State should designate at least one collection body for the collection of information submitted on a voluntary basis. The substance and format of that information should be of comparable value and reliability to that referred to above. When submitting that information, the entity should:
- provide the collection body with a minimum level of metadata about the information submitted, including metadata specifying the voluntary nature of the submission of such information;
- provide the collection body with its legal entity identifier;
- use at least a data extractable format for drawing up that information;
- ensure that no personal data are included, except where the personal data is required by Union or national law or constitutes a necessary element of the information about its economic activities and that data cannot be anonymised;
- ensure that the data submitted is accurate and complete.
By 31 December 2026, Member States should designate at least one collection body for the collection of information submitted on a voluntary basis and notify ESMA thereof.
If necessary, the Joint Committee of the European Supervisory Authorities should adopt guidance for entities to ensure the metadata submitted is relevant and draw upon existing technical standards when drafting implementing standards.
Tasks of the collection bodies
The report adds that the collection bodies should remove any information that is notified to the collection body as being false or containing errors.
Collection bodies that are Union bodies, authorities or registers may provide ESAP with historical information. This information should not be made available for longer than five years.
Cybersecurity
Members proposed that ESMA should put in place an effective and proportionate IT security policy for ESAP. Appropriate levels of authenticity, availability, integrity and non-repudiation of the information made accessible on ESAP and the protection of personal data should be ensured. ESMA may carry out periodic reviews of the IT security policy and the cybersecurity situation of ESAP in consideration of evolving Union and international cybersecurity trends and latest developments.
Use and re-use of information accessible on ESAP
According to Members, neither ESMA nor collection bodies should bear any liability for the use and re-use of information made available by entities and accessible on ESAP. Personal data from ESAP that is re-used should not be retained for longer than necessary and in any case for no longer than five years, unless otherwise stated.
Review
By 5 years after the entry into force of this Regulation, the Commission should review the functioning of ESAP and assess its effectiveness and identify shortcomings in its performance. The review shall also include the contribution of ESAP to increasing the visibility of SMEs to cross-border investors, ESAPs interoperability with similar global platforms and the costs incurred by ESMA for operating ESAP.